[MLUG] Lax security practices?
Since I have found myself with two computers running Linux now (my new desktop
and my old laptop, both running SuSE 10.0, one 32-bit and one 64-bit), I have
been working on networking the two so that I can put the notes I take on the
laptop on the desktop and print on the desktop's printer from the laptop.

One thing I noticed was that I could ssh and login as root by default to
either machine with SSH1 or SSH2 (!!!). Doesn't this strike you as a huge
security loophole, since this is set up this way out of the box? It did for
me, enough to hunt down how to properly configure /etc/ssh/sshd_config to
disable SSH1 and remote root logins. I would have thought that sort of thing
would (should) be disabled by default, as it is a security risk and only those
who know what they are doing would need to change it. SFTP and SSH to Bengal
still work fine after my changes, so I'd imagine that most people's SSHing to
other boxes and using SFTP would be unhindered too. You can still su to root
on the remote machine, granted that you have a shell account and that your
account is in the sudoers group.

I guess this kind of thing is how Linux boxes get hacked if they have to allow
SSH access to the Internet: brute force the root password via SSH, or force
the connection to use SSH1 and crack that. SuSE is a rather polished
distribution and I guess that there are a lot of new/inexperienced users that
are running it totally unaware of the security issue, like I was for the last
2 years. I was behind a router that blocked incoming SSH, but...

Phillip

_______________________________________________
members mailing list
http://mlug.missouri.edu/mailman/listinfo/members
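
A check for the two sshd_config settings the message above changed (SSH1 and remote root login), as an added example that is not part of the original post. The function names and both sample configs are constructed for illustration; only the global section before any Match block is read, and an unset keyword is reported rather than guessed, since the compiled-in default depends on the OpenSSH version.

```python
import re

# Constructed samples for illustration; not copied from a SuSE install.
WEAK = """\
Port 22
Protocol 2,1
#PermitRootLogin no
PermitRootLogin yes
Match User backup
    PermitRootLogin no
"""
HARDENED = """\
Protocol 2
permitrootlogin = no
"""

def global_settings(text):
    """Map lowercase keyword -> value for the section before any Match block."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # Keyword and argument are separated by whitespace or a single "=".
        parts = re.split(r"\s*=\s*|\s+", line, maxsplit=1)
        key = parts[0].lower()  # keywords are case-insensitive
        if key == "match":
            break  # later lines apply only conditionally
        value = parts[1].strip() if len(parts) > 1 else ""
        settings.setdefault(key, value)  # sshd uses the first value it reads
    return settings

def audit(text):
    """Return findings for the two settings the post changed."""
    s = global_settings(text)
    findings = []
    proto = s.get("protocol")
    if proto is None:
        findings.append("Protocol not set: compiled-in default applies")
    elif "1" in [p.strip() for p in proto.split(",")]:
        findings.append("Protocol allows SSH1: " + proto)
    root = s.get("permitrootlogin")
    if root is None:
        findings.append("PermitRootLogin not set: compiled-in default applies")
    elif root.lower() != "no":
        findings.append("PermitRootLogin is not 'no': " + root)
    return findings

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit(cfg) or "ok")
```

To check a real machine, pass the contents of /etc/ssh/sshd_config to `audit()`; on OpenSSH builds that support it, `sshd -T` prints the effective configuration including defaults.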